Created
April 1, 2024 12:23
-
-
Save cabecada/1aa907aed2afb22ae68cefec2be2da0a to your computer and use it in GitHub Desktop.
citus demo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
postgres@pg:~/poc/patroni$ git status | |
On branch master | |
Your branch is up to date with 'origin/master'. | |
Changes not staged for commit: | |
(use "git add <file>..." to update what will be committed) | |
(use "git restore <file>..." to discard changes in working directory) | |
modified: Dockerfile.citus | |
modified: docker-compose-citus.yml | |
modified: postgres0.yml | |
modified: postgres1.yml | |
modified: postgres2.yml | |
Untracked files: | |
(use "git add <file>..." to include in what will be committed) | |
ssl-cert-snakeoil.key | |
ssl-cert-snakeoil.pem | |
no changes added to commit (use "git add" and/or "git commit -a") | |
postgres@pg:~/poc/patroni$ pwd | |
/var/lib/postgresql/poc/patroni | |
postgres@pg:~/poc/patroni$ git remote | |
origin | |
postgres@pg:~/poc/patroni$ git remote -v | |
origin https://github.com/zalando/patroni.git (fetch) | |
origin https://github.com/zalando/patroni.git (push) | |
#i copied the snake certs from the build to host and then copied them back for each pg container | |
postgres@pg:~/poc/patroni$ git diff Dockerfile.citus | |
diff --git a/Dockerfile.citus b/Dockerfile.citus | |
index 6f02215..59a1988 100644 | |
--- a/Dockerfile.citus | |
+++ b/Dockerfile.citus | |
@@ -16,6 +16,17 @@ ARG LANG | |
ENV ETCDVERSION=3.3.13 CONFDVERSION=0.16.0 | |
+COPY ssl-cert-snakeoil.key $PGHOME/ | |
+COPY ssl-cert-snakeoil.pem $PGHOME/ | |
+COPY ssl-cert-snakeoil.key /etc/ssl/certs/ssl-cert-snakeoil.key | |
+COPY ssl-cert-snakeoil.pem /etc/ssl/certs/ssl-cert-snakeoil.pem | |
+ | |
+RUN chmod 0640 /etc/ssl/certs/ssl-cert-snakeoil.key /etc/ssl/certs/ssl-cert-snakeoil.pem | |
+RUN chown postgres /etc/ssl/certs/ssl-cert-snakeoil.key /etc/ssl/certs/ssl-cert-snakeoil.pem | |
+ | |
+ | |
+WORKDIR $PGHOME | |
+ | |
RUN set -ex \ | |
&& export DEBIAN_FRONTEND=noninteractive \ | |
&& echo 'APT::Install-Recommends "0";\nAPT::Install-Suggests "0";' > /etc/apt/apt.conf.d/01norecommend \ | |
@@ -82,6 +93,10 @@ RUN set -ex \ | |
> /usr/local/bin/confd && chmod +x /usr/local/bin/confd; \ | |
fi \ | |
# Prepare client cert for HAProxy | |
+ && cat ${PGHOME}/ssl-cert-snakeoil.key > /etc/ssl/private/ssl-cert-snakeoil.key \ | |
+ && cat ${PGHOME}/ssl-cert-snakeoil.pem > /etc/ssl/certs/ssl-cert-snakeoil.pem \ | |
+ && chmod 0640 /etc/ssl/private/ssl-cert-snakeoil.key \ | |
+ && chmod 0640 /etc/ssl/certs/ssl-cert-snakeoil.pem \ | |
&& cat /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/certs/ssl-cert-snakeoil.pem > /etc/ssl/private/ssl-cert-snakeoil.crt \ | |
\ | |
# Clean up all useless packages and some files | |
@@ -171,6 +186,13 @@ COPY extras/confd/conf.d/haproxy.toml /etc/confd/conf.d/ | |
COPY extras/confd/templates/haproxy-citus.tmpl /etc/confd/templates/haproxy.tmpl | |
COPY patroni*.py docker/entrypoint.sh / | |
COPY postgres?.yml $PGHOME/ | |
+COPY ssl-cert-snakeoil.key $PGHOME/ | |
+COPY ssl-cert-snakeoil.pem $PGHOME/ | |
+COPY ssl-cert-snakeoil.key /etc/ssl/certs/ssl-cert-snakeoil.key | |
+COPY ssl-cert-snakeoil.pem /etc/ssl/certs/ssl-cert-snakeoil.pem | |
+ | |
+RUN chmod 0640 /etc/ssl/certs/ssl-cert-snakeoil.key /etc/ssl/certs/ssl-cert-snakeoil.pem | |
+RUN chown postgres /etc/ssl/certs/ssl-cert-snakeoil.key /etc/ssl/certs/ssl-cert-snakeoil.pem | |
WORKDIR $PGHOME | |
then build multiple pg versions | |
docker build -f Dockerfile.citus -t patroni-citus-16 --build-arg="PG_MAJOR=16" . | |
docker build -f Dockerfile.citus -t patroni-citus-15 --build-arg="PG_MAJOR=15" . | |
# then mix docker-compose with pg16 pg15 | |
postgres@pg:~/poc/patroni$ git diff docker-compose-citus.yml | |
diff --git a/docker-compose-citus.yml b/docker-compose-citus.yml | |
index da71c50..4529a3d 100644 | |
--- a/docker-compose-citus.yml | |
+++ b/docker-compose-citus.yml | |
@@ -16,7 +16,7 @@ networks: | |
services: | |
etcd1: &etcd | |
- image: ${PATRONI_TEST_IMAGE:-patroni-citus} | |
+ image: patroni-citus-15 | |
networks: [ demo ] | |
environment: | |
ETCD_LISTEN_PEER_URLS: http://0.0.0.0:2380 | |
@@ -42,7 +42,7 @@ services: | |
command: etcd --name etcd3 --initial-advertise-peer-urls http://etcd3:2380 | |
haproxy: | |
- image: ${PATRONI_TEST_IMAGE:-patroni-citus} | |
+ image: patroni-citus-15 | |
networks: [ demo ] | |
env_file: docker/patroni.env | |
hostname: haproxy | |
@@ -63,7 +63,7 @@ services: | |
PGSSLROOTCERT: /etc/ssl/certs/ssl-cert-snakeoil.pem | |
coord1: | |
- image: ${PATRONI_TEST_IMAGE:-patroni-citus} | |
+ image: patroni-citus-15 | |
networks: [ demo ] | |
env_file: docker/patroni.env | |
hostname: coord1 | |
@@ -74,7 +74,7 @@ services: | |
PATRONI_CITUS_GROUP: 0 | |
coord2: | |
- image: ${PATRONI_TEST_IMAGE:-patroni-citus} | |
+ image: patroni-citus-15 | |
networks: [ demo ] | |
env_file: docker/patroni.env | |
hostname: coord2 | |
@@ -84,7 +84,7 @@ services: | |
PATRONI_NAME: coord2 | |
coord3: | |
- image: ${PATRONI_TEST_IMAGE:-patroni-citus} | |
+ image: patroni-citus-15 | |
networks: [ demo ] | |
env_file: docker/patroni.env | |
hostname: coord3 | |
@@ -95,7 +95,7 @@ services: | |
work1-1: | |
- image: ${PATRONI_TEST_IMAGE:-patroni-citus} | |
+ image: patroni-citus-15 | |
networks: [ demo ] | |
env_file: docker/patroni.env | |
hostname: work1-1 | |
@@ -106,7 +106,7 @@ services: | |
PATRONI_CITUS_GROUP: 1 | |
work1-2: | |
- image: ${PATRONI_TEST_IMAGE:-patroni-citus} | |
+ image: patroni-citus-15 | |
networks: [ demo ] | |
env_file: docker/patroni.env | |
hostname: work1-2 | |
@@ -117,7 +117,7 @@ services: | |
work2-1: | |
- image: ${PATRONI_TEST_IMAGE:-patroni-citus} | |
+ image: patroni-citus-16 | |
networks: [ demo ] | |
env_file: docker/patroni.env | |
hostname: work2-1 | |
@@ -128,7 +128,7 @@ services: | |
PATRONI_CITUS_GROUP: 2 | |
work2-2: | |
- image: ${PATRONI_TEST_IMAGE:-patroni-citus} | |
+ image: patroni-citus-16 | |
networks: [ demo ] | |
env_file: docker/patroni.env | |
hostname: work2-2 | |
docker-compose -f docker-compose-citus.yml up | |
.... | |
postgres@pg:~$ cd /tmp/certs | |
postgres@pg:/tmp/certs$ #psql "sslmode=verify-ca sslrootcert=server.crt sslcert=server.crt sslkey=server.key hostaddr=127.0.0.1 port=5000" | |
postgres@pg:/tmp/certs$ ls | |
server.crt server.key | |
### | |
postgres@pg:~/poc/citus-example-ad-analytics$ git diff config/database.yml | |
diff --git a/config/database.yml b/config/database.yml | |
index 3a17508..a7b2302 100644 | |
--- a/config/database.yml | |
+++ b/config/database.yml | |
@@ -4,7 +4,11 @@ default: &default | |
pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %> | |
username: postgres | |
password: postgres | |
- port: 5600 | |
+ sslrootcert: 'config/certs/server.crt' | |
+ sslcert: 'config/certs/server.crt' | |
+ sslkey: 'config/certs/server.key' | |
+ sslmode: 'verify-ca' | |
+ port: 5000 | |
host: localhost | |
timeout: 5000 | |
variables: | |
@@ -12,15 +16,17 @@ default: &default | |
development: | |
<<: *default | |
- database: postgres | |
+ database: citus | |
+ host: localhost | |
test: | |
<<: *default | |
- database: postgres | |
+ database: citus | |
+ host: localhost | |
production: | |
<<: *default | |
- database: postgres | |
+ database: citus | |
username: postgres | |
password: postgres | |
host: localhost | |
### | |
645 bundle install | |
646* | |
647 vim config/database.yml | |
648 time bundle exec rake db:migrate | |
649 time bundle exec rake test_data:load_bulk | |
650 time bundle exec rake rollup:initial | |
651 time bundle exec rake rollup:initial | |
652 bundle exec rails s -b 0.0.0.0 -p 3003 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment